Google Chrome Intended to block SHA-1 certificates in 2016

In 2016 websites with new SHA-1 certificates will not be supported by Google Chrome due to security said company.

In last September, Google announced plans to slowly close support for the SHA-1 algorithm used within online certificates, used to validate websites.

In a blog post on Monday, Lucas Garron from Chrome security and David Benjamin from Chrome networking wrote, “Google Chrome does not treat SHA-1 certificates as secure anymore and will completely stop supporting them over the next year. Chrome will discontinue support in two steps: first blocking new SHA-1 certificates and second blocking all SHA-1 certificates.”

The move will come in two stages, First company will block new SHA-1 certificates with Chrome 48, before eventually blocking all SHA-1 certificates altogether at a later stage.

Google Chrome will display a certificate error if websites are signed with an SHA-1-based signature, use an SHA-1 certificate issued after 1 January 2016 or are chained to a public CA. Google says that starting January 1 2017 Chrome will completely stop supporting SHA-1 certificates. From then, the websites with SHA-1-based signature as part of the certificate chain will trigger a fatal network error.

Google, Mozilla and Microsoft have all announced their browsers will mark SHA-1 certificates as insecure by 2017 in favor of SHA-2, but Google has decided to stop supporting sites with SHA-1 certificate completely a little earlier than expected.